US-20260052144-A1

Secure Communication System and Method

Published: February 19, 2026
Assignee: not available in USPTO data we have
Technical Abstract

A method of secure communication between a device and a computer program running on a server is disclosed. The method comprising the steps of: sending, from the device to the server, generic user identification information based on a current user account logged into on the device; identifying, by the server, the generic user identification information as corresponding to an allowed entity pre-registered with the server; sending, from the server to a remote management module, an identification token associated with the allowed entity, said remote management module having stored thereon a register of registered devices; running, by the remote management module, a remote action on the device using the stored register entry for that device, wherein the remote action passes the identification token to the device; sending, from the device to the server, the identification token; and allowing the device to access the computer program based at least in part on a match between the identification token sent by the server and the identification token received by the server from the device.

Patent Claims

Legal claims defining the scope of protection, as filed with the USPTO.

1

A method of secure communication between a device and a computer program running on a server, the method comprising the steps of: sending, from the device to the server, generic user identification information based on a current user account logged into on the device; identifying, by the server, the generic user identification information as corresponding to an allowed entity pre-registered with the server; sending, from the server to a remote management module, an identification token associated with the allowed entity, said remote management module having stored thereon a register of registered devices; running, by the remote management module, a remote action on the device using the stored register entry for that device, wherein the remote action passes the identification token to the device; sending, from the device to the server, the identification token; and allowing the device to access the computer program based at least in part on a match between the identification token sent by the server and the identification token received by the server from the device.

2

The method of claim 1, further comprising the steps of: generating, by the server, a one-time authentication token; sending, from the server to the remote management module, the one-time authentication token along with the identification token; passing the one-time authentication token to the device along with the identification token; sending, by the device to the server, the one-time authentication token along with the identification token; allowing the device to access the computer program based at least in part on a match between the one-time authentication token generated by the server and the one-time authentication token received by the server from the device.

3

The method of claim 2, wherein the one-time authentication token is a randomly generated code.

4

The method of any preceding claim, wherein the generic user identification information comprises one or both of: an organisation name associated with the current user account logged into on the device, and/or a location associated with the device.

5

The method of claim 4, wherein the generic user identification does not include the identity of the specific person using the device.

6

The method of claim 4 or 5, wherein the identifying the generic user identification information as corresponding to an allowed entity comprises: confirming that the organisation name and/or the location appear in a list of allowed organisations and/or locations pre-registered with the server with permission to access the computer program.

7

The method of any of claims 4 to 6, wherein: the generic user identification information comprises both the organisation name associated with the current user account logged into on the device and the location associated with the device; and identifying the generic user identification information as corresponding to an allowed entity comprises: confirming that the organisation name and location pair appear in a list of allowed organisation and location pairs pre-registered with the server with permission to access the computer program.

8

The method of claim 6 or 7, wherein the identifying the generic user identification information as corresponding to an allowed entity is independent of the identity of the specific person using the device.

9

The method of any of claims 4 to 8, further comprising the step of: preventing the device from accessing, via the computer program, data and/or functionality for which the organisation name and/or the location of the generic user identification information lacks permission.

10

The method of claim 4 or 9, wherein: data for a plurality of organisations is stored in a data storage unit, with data for each organisation stored in a different domain; and the method further comprises the step of: preventing the device from accessing, via the computer program, any storage domain other than the storage domain containing data of the organisation associated with the current user account logged into on the device.

11

The method of any preceding claim, wherein the server includes stored thereon an identification token for each allowed entity pre-registered with the server.

12

The method of any preceding claim, wherein each allowed entity is an allowed organisation name and/or location, preferably an allowed organisation name and location pair.

13

The method of claim 12, wherein the identification token is a digest code generated by performing a hash function on the allowed organisation name and/or location.

14

The method of any preceding claim, wherein the device is installed in one of: an airport, a train station, a port, or a transportation terminal.

15

The method of any of claims 1 to 13, wherein the generic user identification information comprises one or both of: an airline name or ground handling agency name associated with the user account logged into on the device, and/or an airport in which the device is installed.

16

The method of any preceding claim, wherein the device is any one of: a tablet; a smart phone; a mobile device; a common use terminal equipment, CUTE, device; a multi-tenancy device; a connected device; an airport workstation; a kiosk; a self-bag drop unit; a biosecurity device.

17

The method of any preceding claim, further comprising the step of: sending, from the workstation to the server, along with the generic user identification information, at least one of: a hostname of the device; a device identification code for the device included in the register of registered devices; and information indicative of a node of the remote management module associated with the device.

18

The method of claim 17, further comprising the step of: sending, from the server to the remote management module, along with the identification token, at least one of: the device identification code for the device included in the register of registered devices; and the information indicative of a node of the remote management module associated with the device.

19

The method of any preceding claim, further comprising the step of: performing a check that the identification token passed to the device from the remote management module matches the current user account logged into on the device.

20

The method of any preceding claim, wherein the computer program is a virtual agent function.

21

The method of claim 20, further comprising the steps of: inputting, by a user of the device, an input query to the virtual agent function; processing the input query using a natural language understanding, NLU, module to determine an intent of the input query; and performing an automated action by the virtual agent function based on the determined intent.

22

The method of claim 21, wherein the virtual agent function is an automated chatbot and the input query is a text command input via the device.

23

The method of claim 21, wherein: the virtual agent function is an automated voicebot; the input query is a voice command input via the device; and the method further comprises: converting, via a speech to text module, the voice command to a text command prior to the processing by the NLU module.

24

The method of any of claims 21 to 23, further comprising the step of: translating the input query from a first language to a second language prior to the processing by the NLU module.

25

The method of any of claims 21 to 24, wherein the NLU module is trained using a data set comprising air transport industry specific terminology.

26

The method of any of claims 20 to 25, further comprising the steps of: inputting, by a user of the device, a selection of a first prompt from a plurality of prompts presented by the virtual agent function on the device; performing an automated action by the virtual agent function based on the selected prompt.

27

The method of any of claims 21 to 26, wherein the automated action is at least one of: instructing the remote management module to perform a remote action on the device; instructing the remote management module to reboot the device or a peripheral device connected to the device; instructing the remote management module to restart a service running on the device; instructing the remote management module to perform a remediation action on the device or a peripheral device connected to the device; instructing the remote management module to perform a health check on the device, and optionally displaying a report of the health check on the device; logging a record with a central database.

28

The method of any of claims 21 to 26, wherein the device is a first device, and the automated action comprises logging a fault with a second device with a central database.

29

The method of any of claims 21 to 26, wherein the automated action comprises retrieving data from a data storage unit and outputting the data to the user of the device.

30

The method of claim 29, wherein the retrieving data and/or outputting the data is conditional on an organisation name associated with the current user account logged into on the device and/or a location associated with the device.

31

The method of any of claims 21 to 26, wherein the automated action comprises initiating a communication channel with a live agent.

32

The method of claim 31, further comprising the steps of: receiving an input from the user of the device in a first language; translating in real time, by a dynamic translation module, the input into a second language set by the live agent.

33

A secure communication system, the system comprising: a device; a server having a computer program running thereon; and a remote management module having stored thereon a register of registered devices; wherein: the device is configured to send to the server generic user identification information based on a current user account logged into on the device; the server is configured to identify the generic user identification information as corresponding to an allowed entity and subsequently send an identification token associated with the allowed entity to the remote management module; the remote management module is configured to run a remote action on the device using the stored register entry for that device, wherein the remote action is configured to pass the identification token to the device; the device is configured to send the identification token to the server; and the server is configured to allow the device to access the computer program based at least in part on a match between the identification token sent by the server and the identification token received from the device.

Detailed Description

Complete technical specification and implementation details from the patent document.

This application relates to a secure communication system and method, and in particular to a system and method for secure communication between a device and a computer program running on a server. In some embodiments, the computer program may be a virtual agent function running in an omnichannel system.

Omnichannel customer engagement refers to the ability of a company to provide its customers access to its products and services via multiple communication channels, offering a seamless, integrated customer experience. It allows customers to get in touch whenever and wherever they are, with conversations and their context being maintained when the customer switches from one channel to another. A customer may initiate contact with a company via phone and then continue the conversation via email, followed by an interaction with a support agent via chat, all the while maintaining continuity in the conversation.

Companies are also adding automated bots to these omnichannel systems to provide virtual agent functionality, providing more immediate response to their customers. Chatbots are a good way to enable common, frequently asked queries to be responded to. Likewise, voicebots are replacing conventional interactive voice response (IVR) systems to provide a conversational customer experience via voice.

Omnichannel solutions have been provided by companies in business to consumer scenarios, typically in a call centre setting, e.g. consumers checking their booking or flight information in the airline or travel industry, or consumers checking on their plans or device information with their telecommunications provider. In such cases, users are typically authenticated by entering an individual username and a password each time they access the omnichannel system.

These known omnichannel solutions have a number of limitations against their adoption in certain sectors, particularly when it comes to security and authentication of users. For example, the air transport industry (ATI) and other transportation and passenger processing sectors present a unique set of challenges when it comes to customer support. In the ATI in particular, customers of a company providing an omnichannel system can include airlines and airport operators, rather than direct consumers in the public. Further, the customers can themselves employ a chain of third party suppliers (so called “indirect consumers”), e.g. ground handlers, that need to interact with the omnichannel system for customer and technical support. Such situations can lead to difficulties in authenticating the person attempting to connect via a communication channel.

Specifically, companies operating in sectors which do not deal directly with an end consumer do not manage all of the specific user identities of their customers, i.e. all specific employees of a customer. The identity management of the specific users is the responsibility of their employing organisations. Further, all employees of external users, such as third party suppliers, will also not be registered with the omnichannel system. This creates an issue when enabling self-service capabilities through a virtual agent functionality. Access to data and functionality should be limited to that owned by or relevant to a particular customer. Since the user's specific identity cannot be verified, it is not possible to securely authenticate the user and therefore securely provide access to the data and actions relevant to particular customers. Without authenticating the user, controlled access to customer data and backend services to automate the resolution of issues cannot be allowed, as there is a risk one customer could access another customer's data. At best only general, public information can be provided in responses.

We have appreciated that it would be desirable to provide an omnichannel system that can allow customers and their suppliers to access the omnichannel system in a secure manner, without knowledge of the specific identity of the user.

The invention is defined by the independent claims, to which reference should now be made. Advantageous features are set out in the dependent claims.

According to a first aspect of the invention, a method of secure communication between a device and a computer program running on a server is provided. The method comprises the steps of: sending, from the device to the server, generic user identification information based on a current user account logged into on the device; identifying, by the server, the generic user identification information as corresponding to an allowed entity pre-registered with the server; sending, from the server to a remote management module, an identification token associated with the allowed entity, said remote management module having stored thereon a register of registered devices; running, by the remote management module, a remote action on the device using the stored register entry for that device, wherein the remote action passes the identification token to the device; sending, from the device to the server, the identification token; and allowing the device to access the computer program based at least in part on a match between the identification token sent by the server and the identification token received by the server from the device.

Optionally, the method further comprises the steps of: generating, by the server, a one-time authentication token; sending, from the server to the remote management module, the one-time authentication token along with the identification token; passing the one-time authentication token to the device along with the identification token; sending, by the device to the server, the one-time authentication token along with the identification token; allowing the device to access the computer program based at least in part on a match between the one-time authentication token generated by the server and the one-time authentication token received by the server from the device.

Optionally, the one-time authentication token is a randomly generated code.

Optionally, the generic user identification information comprises one or both of: an organisation name associated with the current user account logged into on the device, and/or a location associated with the device.

Optionally, the generic user identification does not include the identity of the specific person using the device.

Optionally, the identifying the generic user identification information as corresponding to an allowed entity comprises: confirming that the organisation name and/or the location appear in a list of allowed organisations and/or locations pre-registered with the server with permission to access the computer program.

Optionally, the generic user identification information comprises both the organisation name associated with the current user account logged into on the device and the location associated with the device; and identifying the generic user identification information as corresponding to an allowed entity comprises: confirming that the organisation name and location pair appear in a list of allowed organisation and location pairs pre-registered with the server with permission to access the computer program.

Optionally, the identifying the generic user identification information as corresponding to an allowed entity is independent of the identity of the specific person using the device.

Optionally, the method further comprises the step of: preventing the device from accessing, via the computer program, data and/or functionality for which the organisation name and/or the location of the generic user identification information lacks permission.

Optionally, the data for a plurality of organisations is stored in a data storage unit, with data for each organisation stored in a different domain; and the method further comprises the step of: preventing the device from accessing, via the computer program, any storage domain other than the storage domain containing data of the organisation associated with the current user account logged into on the device.

Optionally, the server includes stored thereon an identification token for each allowed entity pre-registered with the server.

Optionally, each allowed entity is an allowed organisation name and/or location, preferably an allowed organisation name and location pair.

Optionally, the identification token is a digest code generated by performing a hash function on the allowed organisation name and/or location.

The method of any preceding claim, wherein the device is installed in one of: an airport, a train station, a port, or a transportation terminal.

Optionally, the generic user identification information comprises one or both of: an airline name or ground handling agency name associated with the user account logged into on the device, and/or an airport in which the device is installed.

Optionally, the device is any one of: a tablet; a smart phone; a mobile device; a common use terminal equipment, CUTE, device; a multi-tenancy device; a connected device; an airport workstation; a kiosk; a self-bag drop unit; a biosecurity device.

Optionally, the method further comprises the step of: sending, from the workstation to the server, along with the generic user identification information, at least one of: a hostname of the device; a device identification code for the device included in the register of registered devices; and information indicative of a node of the remote management module associated with the device.

Optionally, the method further comprises the step of: sending, from the server to the remote management module, along with the identification token, at least one of: the device identification code for the device included in the register of registered devices; and the information indicative of a node of the remote management module associated with the device.

Optionally, the method further comprises the step of: performing a check that the identification token passed to the device from the remote management module matches the current user account logged into on the device.

Optionally, the computer program is a virtual agent function.

Optionally, the method further comprises the steps of: inputting, by a user of the device, an input query to the virtual agent function; processing the input query using a natural language understanding, NLU, module to determine an intent of the input query; and performing an automated action by the virtual agent function based on the determined intent.

Optionally, the virtual agent function is an automated chatbot and the input query is a text command input via the device.

Optionally, the virtual agent function is an automated voicebot; the input query is a voice command input via the device; and the method further comprises: converting, via a speech to text module, the voice command to a text command prior to the processing by the NLU module.

Optionally, the method further comprises the step of: translating the input query from a first language to a second language prior to the processing by the NLU module.

Optionally, the NLU module is trained using a data set comprising air transport industry specific terminology.

Optionally, the method further comprises the steps of: inputting, by a user of the device, a selection of a first prompt from a plurality of prompts presented by the virtual agent function on the device; performing an automated action by the virtual agent function based on the selected prompt.

Optionally, the automated action is at least one of: instructing the remote management module to perform a remote action on the device; instructing the remote management module to reboot the device or a peripheral device connected to the device; instructing the remote management module to restart a service running on the device; instructing the remote management module to perform a remediation action on the device or a peripheral device connected to the device; instructing the remote management module to perform a health check on the device, and optionally displaying a report of the health check on the device; logging a record with a central database.

Optionally, the device is a first device, and the automated action comprises logging a fault with a second device with a central database.

Optionally, the automated action comprises retrieving data from a data storage unit and outputting the data to the user of the device.

Optionally, the retrieving data and/or outputting the data is conditional on an organisation name associated with the current user account logged into on the device and/or a location associated with the device.

Optionally, the automated action comprises initiating a communication channel with a live agent.

Optionally, the method further comprises the steps of: receiving an input from the user of the device in a first language; translating in real time, by a dynamic translation module, the input into a second language set by the live agent.

According to a second aspect of the invention, a secure communication system is provided. The system comprises: a device; a server having a computer program running thereon; and a remote management module having stored thereon a register of registered devices; wherein: the device is configured to send to the server generic user identification information based on a current user account logged into on the device; the server is configured to identify the generic user identification information as corresponding to an allowed entity and subsequently send an identification token associated with the allowed entity to the remote management module; the remote management module is configured to run a remote action on the device using the stored register entry for that device, wherein the remote action is configured to pass the identification token to the device; the device is configured to send the identification token to the server; and the server is configured to allow the device to access the computer program based at least in part on a match between the identification token sent by the server and the identification token received from the device.

The secure communication method and system according to the present invention provides a number of advantages. Firstly, the authentication process provides secure controlled access to customer's data and services in the backend systems, with access to data and functionality limited to that owned by or relevant to a particular customer. Secure access is enabled without the omnichannel operator needing to know the specific end user (i.e. employees) of each customer operating the device. Instead, access to the computer program on the server can be securely enabled based only on the generic user identification information, i.e. at the customer level (e.g. company and location/airline and airport), not based on the individual users employed by the customer.

Further, the secure communication method enables secure access without each end user (i.e. customer employee) having to enter an individual username and a password each time they access the omnichannel system. This is because the method allows authentication via the remote management module passing the identification token to the device without any intervention from the user, and without the omnichannel operator needing to manage the specific identities of the employees of each customer.
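The token exchange summarised above, including the optional one-time authentication token and the device-side token check, as an added Python example that is not taken from the patent. The class and function names, the SHA-256 digest, the 30-second expiry, single-use enforcement, constant-time comparison, and all organisation, location and device identifiers are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

# Constructed allow-list of (organisation, location) pairs; the names are made up.
ALLOWED_ENTITIES = {("ExampleAir", "XYZ"), ("ExampleHandling", "XYZ")}


def identification_token(org: str, location: str) -> str:
    """Digest of an allowed organisation/location pair (SHA-256 is an assumption)."""
    # Length-prefix each field so ("ab", "c") and ("a", "bc") hash differently.
    material = f"{len(org)}:{org}|{len(location)}:{location}".encode()
    return hashlib.sha256(material).hexdigest()


class Device:
    def __init__(self, device_id, org, location):
        self.device_id, self.org, self.location = device_id, org, location
        self.tokens = None  # only ever filled in by a remote action

    def generic_identification(self):
        # Organisation and location only; no personal identity is sent.
        return {"device_id": self.device_id, "org": self.org, "location": self.location}

    def receive_tokens(self, id_token, one_time_token):
        # Accept the tokens only if the identification token matches the
        # account currently logged in on this device.
        expected = identification_token(self.org, self.location)
        if hmac.compare_digest(id_token, expected):
            self.tokens = (id_token, one_time_token)


class RemoteManagementModule:
    def __init__(self, devices):
        self.register = {d.device_id: d for d in devices}  # register of devices

    def run_remote_action(self, device_id, id_token, one_time_token):
        device = self.register.get(device_id)
        if device is None:  # not in the register: nothing is delivered
            return False
        device.receive_tokens(id_token, one_time_token)
        return True


class Server:
    def __init__(self, rmm, ttl_seconds=30.0):  # expiry is an assumption
        self.rmm, self.ttl = rmm, ttl_seconds
        self.pending = {}  # device_id -> (id_token, one_time_token, deadline)

    def begin(self, ident):
        pair = (ident["org"], ident["location"])
        if pair not in ALLOWED_ENTITIES:
            return False
        id_token = identification_token(*pair)
        one_time_token = secrets.token_urlsafe(32)  # randomly generated code
        deadline = time.monotonic() + self.ttl
        self.pending[ident["device_id"]] = (id_token, one_time_token, deadline)
        if not self.rmm.run_remote_action(ident["device_id"], id_token, one_time_token):
            del self.pending[ident["device_id"]]
            return False
        return True

    def complete(self, device_id, id_token, one_time_token):
        entry = self.pending.pop(device_id, None)  # pop makes the tokens single use
        if entry is None:
            return False
        expected_id, expected_ott, deadline = entry
        if time.monotonic() > deadline:
            return False
        id_ok = hmac.compare_digest(id_token, expected_id)
        ott_ok = hmac.compare_digest(one_time_token, expected_ott)
        return id_ok and ott_ok


def authenticate(server, device):
    """Full round trip for one device; True means access is allowed."""
    device.tokens = None
    if not server.begin(device.generic_identification()) or device.tokens is None:
        return False
    return server.complete(device.device_id, *device.tokens)


def run_demo():
    workstation = Device("WS-001", "ExampleAir", "XYZ")
    unlisted_org = Device("WS-002", "UnlistedCo", "XYZ")
    unregistered = Device("WS-999", "ExampleAir", "XYZ")
    server = Server(RemoteManagementModule([workstation, unlisted_org]))
    results = {
        "registered_allowed_pair": authenticate(server, workstation),
        "registered_unlisted_org": authenticate(server, unlisted_org),
        "unregistered_device": authenticate(server, unregistered),
        # The same tokens presented a second time are refused.
        "replayed_tokens": server.complete("WS-001", *workstation.tokens),
    }
    # The digest is deterministic, so it is the random one-time token that
    # ties a request to this particular delivery by the management module.
    server.begin(workstation.generic_identification())
    digest = identification_token("ExampleAir", "XYZ")
    results["digest_without_one_time_token"] = server.complete("WS-001", digest, "guess")
    return results


if __name__ == "__main__":
    print(run_demo())
```
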

FIG. 1 shows a secure communication system 1000 according to an embodiment of the present invention. The secure communication system 1000 can be an omnichannel system enabling a user 100 to securely access customer support or technical assistance, or in some cases securely communicate with a live agent 200 of the operator of the omnichannel system. The secure communication system 1000 will therefore also be referred to as an omnichannel system herein.

The secure communication system 1000 includes a device 300 and a server 400. The device 300 may be any suitable device through which the user 100 can access the omnichannel system, for example a computer, a smartphone, a tablet, a mobile device or the like. In some embodiments, the device 300 may be a common use terminal equipment (CUTE) device or a multi-tenancy device which is shared between multiple customers. In an ATI setting, these customers could include different airlines or ground handling companies, for example. The device 300 may also be any other connected device through which the user 100 can access the omnichannel system, such as an airport workstation, a kiosk such as an automated check-in kiosk, a self-bag drop unit or an airport biosecurity device.

In the embodiment shown in FIG. 1, the device 300 is an airport workstation. Therefore the device 300 will also be referred to as a workstation 300 herein, although it is not limited thereto. Further, although described in relation to use in an airport setting in the following description, the secure communication system 1000 may be used for various other applications. The secure communication system 1000 may in particular be used in other passenger related processing areas, such as in a train station, a port, a transportation terminal, or in hotels or the like.

The device 300 is able to communicate with the server 400, for example via HTTPS. The server 400 acts as a service management system, providing the user 100 access to data and functionality via the workstation 300. For example, the server 400 has running thereon a computer program to which the workstation 300 can be allowed access. In the present embodiment, the computer program is a virtual agent program 402, such as a chatbot or a voicebot running on the server, however other computer programs may be used.

As part of the omnichannel system, the user 100 may wish to access the virtual agent program 402 to access data, ask questions and technical queries, report issues, incidents or faults, and so on. For example, in the ATI in particular, ground staff typically use a CUTE workstation, provided and managed by the operator of the omnichannel system, for passenger and baggage check-in processes. These workstations 300 may also have peripherals such as printers and scanners attached. If there is a malfunction with any of these devices, the airline agent or baggage handler may wish to seek support via the omnichannel system 1000 to resolve the issue.

Specifically, the user 100 may be logged into a user profile 302 on the workstation 300, and may access the virtual agent 402 via a web client 304 on the workstation 300. For example, the desktop of the workstation 300 may include a shortcut link to enable the ground staff to connect to service support. The shortcut runs an app that launches the web client 304 that connects to the virtual agent 402 running on the server.

In the case that the computer program is a virtual agent chatbot, the user 100 can converse with the virtual agent 402, for example by typing on a keyboard of the workstation 300. The virtual agent 402 can communicate with a natural language understanding (NLU) module 404 able to determine the user's intent from their input. The virtual agent 402 can then proceed with an appropriate automated action based on the determined intent. In that way, the virtual agent 402 can assist the user 100 of the workstation 300 with any queries they have.

In the embodiment of FIG. 1, the NLU module 404 is shown separately to the server 400. For example, the NLU module 404 may be hosted in the cloud. However, the NLU module 404 may also be included in the server 400 in some embodiments, or may form part of the virtual agent computer program 402 itself in some embodiments.

In some cases, the user 100 may wish to converse with the live agent 200. Therefore in some embodiments, one functionality of the computer program includes facilitating communication between the user 100 and the live agent 200. In the specific embodiment of FIG. 1, this can involve the user 100 accessing the virtual agent 402 via the workstation 300, and the virtual agent 402 passing the communication channel onto the agent, i.e. the server 400 can transfer the chat to a live service desk agent. This transfer to a live agent 200 may be an automated action performed by the virtual agent 402 in response to the NLU module 404 determining that the user 100 wishes to speak to a live agent.

As shown in FIG. 1, the agent 200 may communicate with the user via an agent console 406. The agent console may be a computer program running on the server 400, or alternatively could run on a separate device, such as an agent device/workstation away from the user workstation 300. Once the user and agent are connected, both can type messages into their respective workstations in order to converse.

Alternatively, communication between the user 100 and agent 200 can be facilitated via voice. For example, the user 100 may input speech at the workstation 300, e.g. via a headset. Alternatively, the device 300 may be a mobile phone or smartphone or the like, through which the user 100 may input the speech command. A voice call module 408 may optionally be provided, to facilitate voice calls from the user 100. Again the voice call module 408 is shown separate from the server 400 in FIG. 1, and may be hosted in the cloud in some examples. However the voice call module 408 may also be included in the server 400 in some embodiments.

The voice call module 408 can transfer a voice input by the user 100 to a speech to text module 410, which converts the voice input to textual data. Again the speech to text module 410 may be separate from the server, e.g. in the cloud, or included in the server. The textual data from the speech to text module 410 can be passed to the NLU module 404 to determine the user's intent. The virtual agent 402 can then converse with the user 100, with the virtual agent typically being a voicebot communicating via voice if the user has initiated contact with a voice call, e.g. by using speech synthesis software or pre-recorded audio clips to speak back to the user. The virtual agent voicebot can again complete automated actions based on the determined intent from the speech input.

In the case that the user requests to speak with a live agent 200, the virtual agent 402 can connect the user 100 to the agent 200 via the voice call module 408, and the agent 200 can then converse with the user 100, e.g. via a headset at the agent device, or via a mobile phone of the agent 200.

In this way, the user 100 may input either a chat or voice command via the device 300 to the server 400, and the virtual agent 402 running on the server 400 can perform an automated action in response to the input, which may include putting the user 100 into either chat or voice communication with the live agent 200.

The secure communication system 1000 also includes a remote management module 500 communicatively coupled to the server 400. The remote management module 500 includes a stored register of all devices managed by the omnichannel system operator. In other words, all devices within the system operator's network that can be used to access the omnichannel system are registered with the remote management module 500. The remote management module 500 is used for the authentication of users, as will be described in more detail in relation to FIGS. 3a and 3b below.

The above described secure communication system 1000 and omnichannel solution is technology agnostic, and can therefore be implemented using various different products and software. For example, the server 400 could include products such as ServiceNow or Amazon Lex, the voice call module 408 could include products such as Genesys Cloud or Amazon Connect, the web client 304 could include products such as .NET or Python, the remote management module 500 could include products such as Nexthink or N-able, and the NLU module 404 could include products such as Google DialogFlow.

FIG. 2 shows a logical architecture 2000 of a secure communication system, in this case an omnichannel virtual agent system, in an exemplary embodiment of the present invention. As can be seen in FIG. 2, the omnichannel solution supports a wide range of end users 602, including staff directly working for customers of the omnichannel operator, e.g. airlines and airports, as well as contractors and subcontractors working on behalf of those customers, e.g. baggage handlers. The solution also supports suppliers, corporate users and field agents of the omnichannel operator itself. These users 602 are equivalent to user 100 of FIG. 1.

Box 604 shows the various interaction channels supported by the omnichannel system. As seen in box 604, the end users 602 may interact via a variety of communication channels including voice, email, portal, chat and mobile. Each of these channels may be accessed via several devices and client applications, such as device 300 of FIG. 1. The system also enables centralised management of all interactions, regardless of which channels they came through. This facilitates better reporting and analytics of how users are contacting the omnichannel operator for support. Finally, users interacting with the system are identified and authenticated so that appropriate security and access controls can be applied when exposing any services and data to the users. Specifically, the end users 602 accessing the omnichannel system will typically make requests requiring operational access. Secure access therefore needs to be ensured to protect the end user's company's operational data in the backend systems, as well as ensuring privileged access to control the elements of the device, such as restarting a service or rebooting a device. The authentication process will be described in more detail in relation to FIGS. 3a and 3b below.

Interaction sessions are turned into conversations and handled by the natural language chatbot shown in box 606, equivalent to the NLU module 404 of FIG. 1. A cloud based chatbot service may be used for box 606 in some embodiments. Any voice interactions can be transcribed to text (e.g. via the voice call module 408 and the speech to text module 410 of FIG. 1) and then processed by the chatbot and the response converted back to speech to relay back to the user. The natural language understanding capability may be driven by machine learning models, which may include enhanced vocabulary and ATI specific training models. The chatbot may also be able to translate between various languages. These features will be discussed in more detail below in relation to FIGS. 6 to 8b. The translation may use a cloud-based translation service, such as Google Translate or Azure Cognitive Services Translator.

Box 608 shows the virtual agent function, equivalent to the virtual agent 402 of FIG. 1. The virtual agent 402 contains the intelligent, automated conversation flows to enable self-service fulfilment of customer requests, based on the intent identified by the natural language chatbot (i.e. NLU module 404, 606). Common service requests and issues are resolved by the virtual agent without any human intervention. This may include context search through a service catalog or knowledge base. The automated flows may also make calls to other systems of record to retrieve data required to fulfil the request. The virtual agent can also transfer the user to a live, human agent 200 if the user requests so or if the virtual agent is unable to assist.

Box 610 shows the fulfilment backend of the omnichannel system. In box 610 there are further workflows and integrations with the backend systems 612 to complete the request and provide a response to the user.

While resolving a customer issue, controlled access is required to a range of backend systems 612. This may include ticketing systems that track incidents and requests, Customer Relationship Management (CRM) systems that contain information related to customers and their entitlements, and automation and remote management systems that manage the workstations and other devices used by the end users 602. Specifically, the backend systems may include:

Customer Relationship Management (CRM) systems to provide a response to a customer account query;
Customer Service Management (CSM) systems to provide response to a customer care query;
IT Service Management (ITSM) systems to provide a response to an IT issue that the customer has;
Remote Management systems to perform automated actions on a device remotely, to resolve an issue.

Lastly, box 614 shows the agent assistance facilities which enable the omnichannel operator's service agents 618 (equivalent to the live agent 200 of FIG. 1) to respond effectively when the interactions are directed to them from the virtual agent 402, 608. The system ensures that the agents have access to the history of the conversation that the end user 100, 602 has had with the virtual agent and any triage that has been performed. There may be various different agent consoles 616 (equivalent to agent console 406 of FIG. 1) each tailored to different types of agents, including: Service Desk Agents, Tech Support agents, CSM agents, Sales agents, and the like. The agents may be organised into queues, with requests being routed automatically to available agents based on their skills and availability.

In some embodiments, each of boxes 606, 608, 610 and 614 may be included in the server 400 of FIG. 1. The Remote Management back end system 612 may be included in the remote management module 500 of FIG. 1.

As mentioned, the omnichannel operator may store operational and service management data related to each of its customers, and is required to keep customer data secure and segregated for each customer. Therefore when an employee of a particular customer (i.e. a user 100) interacts with the omnichannel system (i.e. the secure communication system 1000), the system must ensure that the user only has access to data and services belonging to that customer.

To solve this problem, the system maintains data segregation by storing customer data in separate domains. Access to data is controlled by the company (organisation) that the end user 100 belongs to. However, the omnichannel operator does not manage the identities of the end users 100 as they are employees of customer organisations. It is not viable to authenticate each customer end user against a register stored by the omnichannel operator, as the end users (i.e. employees) of each customer are managed by the customer organisations and not the omnichannel operator. Therefore the omnichannel system cannot identify and authenticate users by their individual identities. Instead, the secure communication method 3000 of FIG. 3a is used.

FIG. 3a shows a flow chart of a secure communication method 3000 according to an embodiment of the present invention. The secure communication method 3000 may be performed between the device 300 and the server 400 of FIG. 1.

In step 702, generic user identification information based on a current user account 302 logged into on the device 300 is sent from the device 300 to the server 400. The generic user identification information is information that is sufficient to identify the particular organisation of the customer of the omnichannel operator, but is not dependent on the identity of the specific end user (i.e. employee) currently using the device 300.

In some embodiments, the generic user identification information may include an organisation name associated with the current end user account 302 logged into on the device 300. Additionally or alternatively, the generic user identification information may include a location associated with the device. For example, in an embodiment of the secure communication method 3000 applied to an ATI scenario the generic user identification information may include an airline name or ground handling agency name as the organisation name. Further, in some embodiments, the generic user identification information may also include a specific airport in which the device 300 is installed as the location.

In step 704, the server 400 identifies if the generic user identification information corresponds to an allowed entity pre-registered with the server. An allowed entity is an entity pre-registered with the server with permission to access the computer program 402. The server 400 may check the generic user identification information against a list of allowed entities to perform the identification. The identification by the server 400 that the generic user identification information corresponds to an allowed entity is not dependent on the identity of the specific end user 100 using the device 300.

Specifically, an allowed entity pre-registered with the server 400 may be any of: an organisation name with permission to access the computer program 402, a location of the device 300 with permission to access the computer program 402, or both a specific organisation name and device location pair with permission to access the computer program 402. For example, in an embodiment of the secure communication method 3000 applied to an ATI scenario the generic user identification information may include both an airline name or ground handling agency name in addition to the specific airport in which the device is installed. The server may then check the airline/ground handling agency name and airport location pair against a list of allowed airline/ground handling agency name and airport location pairs.

If the generic user identification information is identified as corresponding to an allowed entity, the method 3000 continues to step 706. In step 706, the server 400 sends to the remote management module 500 an identification token associated with the identified allowed entity. The identification token is a token unique to that allowed entity which is not stored on the device 300 and is only made accessible to the device 300 by the server 400 (via the remote management module 500).

In some embodiments, the identification token is a digest code generated by performing a hash function on either the organisation name of the allowed entity, the device location of the allowed entity, or the organisation name and location pair of the allowed entity. The hash function may use SHA256 encoding in some embodiments. Using a digest code as the identification token allows the identity of the user to be obfuscated when the identification token is transmitted in the following steps.

In some embodiments, the server 400 may include a stored list of identification tokens for each allowed entity pre-registered with the server 400. These identification tokens may be generated for each allowed entity during the pre-registration with the server. The server 400 can select from this list the identification token for the allowed entity that the generic user identification information is identified as corresponding to, and send this identification token to the remote management module 500. Alternatively, it is also possible for the identification token to be generated by the server 400 on the fly, in response to identifying the generic user identification information as corresponding to an allowed entity.

In step 708, upon receiving the identification token, the remote management module 500 runs a remote action on the device 300 that sent the generic user identification information to the server 400 in step 702. The remote management module 500 has stored thereon a register of all devices registered with the omnichannel operator and runs the remote action on the device 300 using the stored register entry for that device 300.

The remote action run by the remote management module 500 passes the identification token to the device 300. In this way, the identification token is only passed on to the device 300 which initially sent the generic user identification information to the server 400 in step 702 if the device is registered with the remote management module 500 (i.e. is registered with the omnichannel system operator). This prevents unauthorized devices (i.e. any devices not preregistered with the omnichannel system operator) from being able to receive the identification token from the server 400.

In step 710, upon receiving the identification token from the remote management module 500, the device 300 sends the identification token back to the server 400.

In step 712, the server 400 compares the identification token received from the device 300 in step 710 with the identification token that the server sent to the remote management module 500 in step 706. If the server finds a match between the identification token sent in step 706 and the identification token received in step 710, the server 400 allows the device 300 to access the computer program 402. If the identification token sent in step 706 and the identification token received in step 710 do not match, then the server will not allow the device 300 to access the computer program 402.

The secure communication method 3000 therefore allows the server 400 to control access to the computer program 402, such as the virtual agent function discussed above. This authentication is done without knowing the identity of the specific end user (i.e. person) operating the device 300, or the specific password of the current user account 302 logged into on the device, but instead uses only generic user identification information based on the current user account 302 logged into on the device 300. The current user account 302 may be a specific user account unique to the end user operating the device 300, or may be a shared account to which various end users from the organisation of the allowed entity have access. In either case, only the abstracted generic user identification information affects whether the device 300 is allowed access to the computer program 402.

Further, using the generic user identification information and identification token to authenticate the access to the computer program also advantageously avoids the need for interactive authentication. For example, if authentication were to be performed at the level of the specific end user operating the device, the end user would need to be prompted for a username and password each time they wished to access the computer program. Authenticating via the generic user identification information and identification token instead can be performed without any specific end user input being needed.

In the above described method, the server 400 can check if the generic user identification information corresponds to an organisation that is allowed to access the computer program 402, or corresponds to a device location that is allowed to access the computer program 402, and only grant access to the computer program 402 if a match is detected. Further, in the case that the pre-registered allowed entity includes both an organisation name and a device location pair, the server 400 can only allow access when the generic user identification information corresponds to both of the organisation name and location pair. This can be particularly beneficial in an ATI scenario, where access for a particular organisation at one airport can be allowed, whilst access for that same organisation at another airport is prevented as the relevant organisation airport pair does not appear on the list of allowed entities.

Further, when the device 300 requests access to the computer program 402, the device is authenticated based on the identification token sent in step 710, rather than based on the generic user identification information initially sent by the device 300. The identification token is not stored locally on the device 300 but needs to be obtained from the server 400, via the remote management function 500. Only devices registered with the remote management module 500 are able to receive the identification token from the server 400, as the identification token is sent via the remote management module 500 using the register of devices, and thus security is increased. In particular, if a malicious third party sought to access the computer program 402 (i.e. the omnichannel system) with a non-registered device, the authentication would necessarily fail, as the unregistered device would be unable to obtain the correct identification token from the server 400 via the remote management module 500.

In the case that the device 300 is allowed access to the computer program 402, based on a successful match between the identification tokens sent and received, the server can still prevent the device 300 from accessing other functionality or data for which the allowed entity lacks permission. For example, the computer program 402 may include a plurality of functionalities, for which each allowed entity is entitled to different levels of access. The particular allowed entity (i.e. organisation name and/or location) to which the user of the device 300 belongs is known via the authentication method 3000 of FIG. 3a, and therefore the server may only allow access to functionality to which that allowed entity is entitled. Similarly, the server may only allow access to data for which the identified allowed entity has permission. The server 400 therefore allows authenticated users to access certain applications and data using role-based authorisation.

In particular, in one embodiment data for a plurality of organisations may be stored in a data storage unit, with data for each organisation stored in a different domain. The server 400 may have stored thereon a list of all identification tokens and the corresponding storage domains for which that identification token has permission to access. The server 400 can therefore prevent the device 300 from accessing any storage domain other than the domain containing data of the organisation of that allowed entity corresponding to that identification token. Therefore only data for the organisation associated with the current user account logged into on the device may be accessed. In this way, security of each organisation's (i.e. customer's) data can be ensured.

FIG. 3b shows a flow chart of a secure communication method 4000 according to an embodiment of the present invention. The method 4000 of FIG. 3b is the same as the method 3000 of FIG. 3a, except that a number of further optional steps have been included. In FIG. 3b the method 4000 is applied to a scenario where the generic user identification information includes an airline name and airport pair.

The method begins in step 802, where the end user 100 using the device 300, in this case a workstation, clicks on a shortcut to initiate connection to the computer program 402. In this embodiment the computer program 402 is a virtual agent chatbot, however other computer programs may be used. The clicking of the shortcut by the user of the workstation 300 triggers a script to make a REST call to the server 400.

In step 804, a REST call is made to a verify-user scripted API endpoint of the server 400. One example of the details for the REST call is shown below:

Endpoint: GET https://${sita-server}/api/siae/airport user/verify
Authorisation: Bearer access_token
Query Params: generic_user_identification_information, hostname, device_id, remote_management_module_engine_name

The REST call sends to the server 400 the generic user identification information based on the current user account logged into on the workstation 300. In this case, the generic user identification information includes an airline name and an airport location of the workstation 300, for example AA: LHR. Therefore authentication for accessing the virtual agent function in this embodiment is performed based on a combination of the airline and airport codes associated with the current user account logged into on the workstation.

Further, the REST call may optionally include one or more of the following query parameters:

hostname: the computer name of the workstation, e.g. MIAGCKB090;
device_id: unique ID of the workstation as registered in the remote management module, e.g. 1ab7cf04a94ed7e6071aee0;
remote_management_module_engine_name: the remote management module manager (engine) node that manages the workstation.

These query parameters provide the server 400 with the details on how to reach the workstation through the remote management module 500 (as done in steps 814 and 816 below).

The inbound REST API request in step 804 may be authenticated using OAuth. This improves security by passing a token instead of credentials with every request.

The workstation 300 then waits for a response from the server 400 on a Named Pipe 806, and the method proceeds to step 808, where the scripted API service obtains the identification token, in this case a SHA256 digest code, associated with an allowed entity to which the generic user identification information corresponds. Again here the allowed entity is an airline name and airport location pair e.g. AA: LHR, pre-registered with the server 400 as allowed to access the virtual agent function 402.

A JavaScript snippet is shown below, which gives one example of how the digest code identification token can be generated using a SHA256 security algorithm. The digest code may be generated on the fly. Alternatively, the digest code may be generated during preregistration of the allowed entity with the server, and retrieved from a look up table of all allowed entities and corresponding identification tokens (digest codes) in step 808.

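// Get identity digest code: HMAC-SHA256 over the generic user
// identification (e.g. AA: LHR), keyed with the secret string "zyz"
var ident_code = SncAuthentication.encode(generic_username, "zyz", "HmacSHA256");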

The use of a hash function for generating the identification token means that instead of passing the generic user identification information (e.g. AA: LHR) in clear text, a hashed identification token is passed in the following HTTP calls. In other words, a hash function is applied to the airline and airport code pair (i.e. the allowed entity corresponding to the generic user identification information) to produce a digest code, before sending it across the network, resulting in increased security.

In the case that the generic user identification information does not correspond to any allowed entity, no digest code will be obtained, and the initial REST call will timeout with no access to the virtual agent function being allowed by the server 400.

Next at step 810, in the case that a digest code is successfully obtained, a one-time authentication token is generated by the server 400. This one-time authentication token is an optional additional layer of security for each session which may be used in conjunction with the identification token, and will be discussed in more detail below. The one-time authentication token may be stored in memory 812 for a predetermined period of time, for example 24 hours. In some embodiments, the one-time authentication token may be a random six-digit authentication code, for example created using the following JavaScript code:

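// Generate random auth_code
// getAuthCode() is not shown in this document; it is expected to return
// a six-character string built from the characters in `digits`.
var digits = '0123456789';
var auth_code = '';
// Retry until the generated code does not start with '0'
for (var j = 0; j > -1; j++) {
  auth_code = getAuthCode();
  if (auth_code.indexOf('0') != 0) {
    break;
  }
}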

At step 814 both the identification token (i.e. digest code) and one-time authentication token are passed to remote action 816 running on the remote management module 500 via an outbound REST API call. One example of details for the REST call is shown below:

Endpoint: POST https://${portal}/api/remoteaction/v2/run
Authorisation: OAuth 2.0
Query Params: raUID, deviceUid, portal, engineUID, script

As shown above, the REST call may optionally include one or more of the following query parameters:

raUID: Remote Action ID
deviceUid: workstation device ID, i.e. the device_id of step 804
Portal: remote management module portal address
engineUID: remote management module engine (node) ID that manages the workstation i.e. the remote_management_module_engine_name of step 804
Script: name of the remote action script

The remote action 816 on the remote management module 500 targets the required workstation 300 and runs a local script on the workstation 300, and passes the identification token and one-time authentication token to the workstation 300 in step 818. Here the required workstation 300 is the particular workstation that initially sent the generic user identification information to the server 400 in step 804. To target the required workstation, the remote management module 500 uses the register of all devices registered with the omnichannel operator that is stored on the remote management module 500. Further, the remote management module 500 may identify the required workstation based on one or more of the query parameters sent to the server with the REST call in step 804 (which are passed on to the remote management module 500 via the query parameters listed above in the REST call of step 814).

Once the identification token and one-time authentication token have been passed to the workstation, the local script writes to the waiting named pipe 806. The workstation 300 may then proceed further, by launching the web client chatbot 304 on the workstation and passing the identification token and one-time authentication token to the virtual agent 402 running on the server 400 at step 820.

Next, in steps 822 and 824, the virtual agent program 402 on the server 400 runs a script action to match the received identification token with the identification code obtained in step 808 and sent by the server in step 814. Further, the script action matches the received one-time authentication token with the one-time authentication token generated in step 810 (stored in the code log 812) and sent by the server in step 814.

If a correct match is found for both the identification token and one-time authentication token, the virtual agent chatbot session is established in step 826. The user 100 is granted access via the workstation 300 and the chatbot starts conversation and progresses to topic discovery. If either of the identification token or one-time authentication token do not correctly match the tokens sent previously in step 814, the request to access the chatbot is rejected in step 828, meaning the user 100 is denied access and the conversation exits.

The method 4000 of FIG. 3b again allows authentication using only generic user identification information without knowing the identity of the specific end user (i.e. person) operating the device 300.

Further, the identification token (digest code) is sent to the workstation 300 so that it can be used by the client application on the workstation to log in with the server and access the virtual agent function. The server 400 only recognises users via their digest code, however the workstation 300 does not have the digest code stored thereon and instead needs to get it from the server first. Sending the tokens (both identification token and one-time authentication token) from the server 400 to the workstation 300 via the remote management module 500 allows the server 400 to confirm it is communicating with the particular workstation 300 claimed in the REST call of step 804.

Put another way, in the method 4000 the steps 814, 816 and 818 perform the function of providing an alternative channel to send the tokens (needed to log in with the server 400) to the user. The alternative channel is via the remote management module 500. Thus, the method prevents malicious parties using a device not registered with the remote management module 500 from spoofing the workstation device ID, as the remote management module 500 would only send the tokens necessary for logging in with the server to the actual workstation that made the initial REST call.

Additionally, step 820 performs the function of sending the tokens back to the server 400 to verify the user and allow the transaction/authentication to complete (i.e. logging in with the server). This method replaces the need for the user to enter a password each time they wish to access the virtual agent function, thus enabling the authentication to be performed without active involvement by the user.

As well as providing the same advantages as the method 3000 of FIG. 3a, the method 4000 of FIG. 3b provides a number of further advantages. In particular, in the method 4000 of FIG. 3b, both the identification token and the one-time authentication token must be matched to allow access to the computer program 402 (the virtual agent function). This introduces a further round of verification in which the workstation 300 then needs to send both of these tokens to the server 400 to launch the virtual agent. The server 400 will only allow the request for accessing the virtual agent function if, as well as receiving the correct identification token, the incoming one-time authentication token matches the one-time authentication token the server 400 had previously generated and is awaiting a connection on.

The one-time authentication token is generated every time a user 100 accesses the system, and therefore allows for additional security based on session. The workstation 300 will only be able to access the virtual agent and establish a session if the workstation possesses the particular one-time authentication token for that session. In other words, after a predetermined period of time from generation of the one-time authentication token, the one-time authentication token will expire and the server will not allow access to the virtual agent function using that one-time authentication token. After the one-time authentication token has expired, the entire method 4000 will then need to be repeated, to reauthenticate the user. In this way, the sessions can be prevented from persisting for longer than desired, meaning that knowledge of the identification token alone would not be enough for a malicious party to access the omnichannel system. The predetermined period of time for expiry of the one-time authentication token may be the same as the length of time the one-time authentication token is stored in the memory 812 in some embodiments.
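The two-token check with expiry described above, as an added sketch that is not the patent's or the applicant's implementation. The class and method names, the 60-second lifetime, the single-use rule and the constant-time comparison are assumptions; the page states only that both tokens must match and that the one-time token expires after a predetermined period.

```python
import hmac
import secrets

OTT_TTL_SECONDS = 60  # assumed value; the page says only "a predetermined period"


class RemoteManagementModule:
    """Alternative channel: delivers tokens only to devices in its own register."""

    def __init__(self, registered_device_ids):
        self.inbox = {device_id: None for device_id in registered_device_ids}

    def run_remote_action(self, device_id, tokens):
        if device_id not in self.inbox:
            return False                    # no register entry: nothing is delivered
        self.inbox[device_id] = tokens      # lands on the real device, not the caller
        return True


class Server:
    def __init__(self, rmm, allowed_entities):
        self.rmm = rmm
        # generic user identification -> identification token (digest code);
        # a random value per allowed entity is an assumption of this sketch
        self.digests = {g: secrets.token_hex(16) for g in allowed_entities}
        self.pending = {}                   # device_id -> (digest, one-time token, expiry)

    def request_access(self, device_id, generic_user_id, now):
        digest = self.digests.get(generic_user_id)
        if digest is None:
            return False                    # not an allowed entity
        ott = secrets.token_urlsafe(32)     # fresh one-time token for every request
        if not self.rmm.run_remote_action(device_id, (digest, ott)):
            return False
        self.pending[device_id] = (digest, ott, now + OTT_TTL_SECONDS)
        return True

    def login(self, device_id, digest, ott, now):
        # Single use (assumption): the pending entry is consumed by any attempt.
        entry = self.pending.pop(device_id, None)
        if entry is None:
            return False
        want_digest, want_ott, expiry = entry
        ok_digest = hmac.compare_digest(digest, want_digest)
        ok_ott = hmac.compare_digest(ott, want_ott)
        return ok_digest and ok_ott and now < expiry


def demo():
    """Constructed scenario; device IDs and the user string are made up."""
    user = "airline-a/agent"
    rmm = RemoteManagementModule({"WS-001"})
    server = Server(rmm, {user})
    results = {}
    results["unregistered"] = server.request_access("WS-999", user, now=0)
    server.request_access("WS-001", user, now=0)
    digest, ott = rmm.inbox["WS-001"]
    results["valid"] = server.login("WS-001", digest, ott, now=10)
    results["replay"] = server.login("WS-001", digest, ott, now=11)
    server.request_access("WS-001", user, now=100)
    results["digest_only"] = server.login("WS-001", digest, "guess", now=101)
    server.request_access("WS-001", user, now=200)
    digest, ott = rmm.inbox["WS-001"]
    results["expired"] = server.login("WS-001", digest, ott, now=200 + OTT_TTL_SECONDS)
    return results
```

Time is passed in as `now` so the expiry case is deterministic; a deployment would read a monotonic clock on the server instead.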

Lastly, in the case that a malicious third party somehow had access to a workstation 300 registered with the remote management module 500, the method would still prevent the third party from accessing the virtual agent. The workstation generates the generic user identification information from the current user account logged into on the workstation 300. Access to this user account with generic user identification information corresponding to an allowed entity is restricted to employees of the organisation of the allowed entity. Therefore the third party would be unable to access the virtual agent without having access to a user account to generate the generic user identification.

Further, in some embodiments, the method can also prevent spoofing of the generic user identification information in order to access the virtual agent function. To prevent the malicious third party sending spoofed generic user identification information from a registered workstation 300, a check may be performed that the identification token passed to the workstation 300 from the remote management module 500 in step 818 (or step 708 of method 3000 of FIG. 3a) matches the current user account logged into on the workstation. The request will only proceed if the generic user identification information in the initial request (used by the server 400 to obtain the identification token) corresponds to that of the logged in user. Therefore the malicious third party would need access to a user account corresponding to an allowed entity as well as to a workstation 300 registered with the remote management module 500 in order to access the virtual agent function.

Previously, when the ground handling staff in the ATI have encountered issues with equipment, assistance has been requested by raising a ticket with a help desk, or telephoning a field engineer to request assistance. These options can result in slow response times and can be time consuming and increase workload for those required to provide the assistance. Inability to fix issues in time can result in delays with passenger and baggage handling. Self-service via a virtual agent function is therefore desirable for all parties.

Various features of a virtual agent function which may be used as the computer program 402 in the above described embodiments will now be described in relation to FIGS. 4A to 8B. Again the following description is based on an ATI scenario, however it should be understood that the following embodiments are not limited thereto.

Returning to FIG. 1, in the case that the computer program 402 is a virtual agent function, the user 100 of the device 300 can input an input query to the virtual agent function 402. For example, in the case that the virtual agent function is an automated chatbot the input query is a text command input via the device 300, e.g. via a keyboard. In the case that the virtual agent function is an automated voicebot the input query is a voice command input via the device 300, e.g. via a headset.

In either case, the input query is processed using the NLU module 404 to determine an intent of the input query. In the case of a voicebot virtual agent function, the input voice command is converted, via the speech to text module 410, into a text command prior to the processing by the NLU module 404. The virtual agent function 402 then performs an automated action based on the determined intent.

In some embodiments, either in addition to or as an alternative to the user inputting an input query and the virtual agent using the NLU module 404 to determine the intent of the query, the virtual agent function may present a plurality of prompts to the user 100 on the device 300. For example if the virtual agent is a chatbot, the virtual agent may display a number of clickable options on the device. If the virtual agent is a voicebot, a number of prompts may be read out to the user 100 via the device 300, for example an interactive voice response (IVR) method may be used. In either case, the user 100 may input a selection of one of the prompts, and the virtual agent function 402 may perform a predetermined automated action based on the selected prompt.

FIGS. 4a to 4c show an example self-service interaction with a virtual agent function 402 in an embodiment of the present invention. In the embodiment of FIGS. 4a to 4c, the virtual agent is a chatbot in which user inputs are obtained via clickable prompts. FIGS. 4a to 4c show screenshots of the chatbot conversation as would be visible on the workstation 300 to the user 100.

In step 902 in FIG. 4a, the virtual agent 402 presents a list of prompts relating to automated actions that the virtual agent can perform. The user 100 selects “Check Workstation Health” as the automated action. The virtual agent then performs a health check on the workstation 300 and proceeds to step 904 shown in FIG. 4b, where a summary report card is displayed with key performance metrics and status of key services. The virtual agent suggests further automated remediation actions such as rebooting the workstation 300, based on the results of the health check, to which the user 100 may select a response via yes or no prompts.

As shown in step 906 in FIG. 4c, the user may select “yes” to the virtual agent fixing an issue with a peripheral device such as a scanner connected to the workstation 300. Such automated remediation actions are performed on the workstation 300 via the remote management module 500. If an automated remediation action is unsuccessful, the virtual agent may ask the user if they wish to log an incident via a prompt, or speak to a live agent 200.

FIGS. 5a and 5b show another example self-service interaction with a virtual agent function 402 in an embodiment of the present invention. In the embodiment of FIGS. 5a and 5b, the virtual agent is a chatbot in which user inputs are obtained via both textual inputs processed by the NLU module 404 and via clickable prompts. FIGS. 5a and 5b show screenshots of the chatbot conversation as would be visible on the workstation 300 to the user 100.

In step 912 in FIG. 5a, the user 100 selects “Raise an issue” as the automated action. In step 914 in FIG. 5b, the virtual agent then automatically logs an incident with a central database, seeking various pieces of information from the user and processing the user's responses using the NLU module 404.

In general, various other automated actions may be performed by the virtual agent function 402. These include but are not limited to:

instructing the remote management module 500 to perform a remote action on the device 300;
instructing the remote management module 500 to reboot the device or a peripheral device connected to the device 300;
instructing the remote management module 500 to restart a service running on the device 300;
instructing the remote management module 500 to perform a remediation action on the device or a peripheral device connected to the device 300;
instructing the remote management module 500 to perform a health check on the device 300, and optionally displaying a report of the health check on the device;
logging a record with a central database;
creating an incident report with a central database;
checking the status of an existing incident report or record.

These automated remote actions may be triggered by the virtual agent while the user is in conversation with the chatbot/voicebot, in some embodiments.

The virtual agent program 402 may be integrated with various backend systems, such as those shown in box 612 of FIG. 2. In some embodiments, the virtual agent 402 can fulfil requests and update integrated service management systems through REST API calls.

In some embodiments, an automated action can include retrieving data from a data storage unit, such as a central database, and outputting the data to the user 100 of the device 300. The user 100 may make queries for data relevant to a particular allowed entity. Such data may be private data for that allowed entity, such as account data or billing data or the like. Therefore the retrieving of the data for that allowed entity may only be allowed by the virtual agent if the authentication method of FIG. 3a or 3b has been successfully performed and the current user account 302 logged into on the device 300 has been confirmed as corresponding to that allowed entity. In this way, the retrieving of data by the virtual agent is conditional on the organisation name associated with the current user account 302 logged into on the device 300 and/or the location associated with the device 300.

In some embodiments an automated action can include initiating a communication channel with a live agent 200, as described above in relation to FIG. 1.

In some embodiments, an automated action can include the virtual agent 402 accessed on a first device 300 logging a fault with a second device with a central database. For example, if a second user has a problem with their device (the second device), they can alert the user 100 of the first device 300, who can then log a fault on the second user's behalf. This can be particularly beneficial when the second user has an issue meaning that they cannot log into their workstation (the second device) or they cannot launch the virtual agent web client on their workstation. In this case, they can request that their colleague on another workstation (the first device) logs an incident or contacts a live agent 200 on their behalf.

Using the omnichannel system to access self-service via the virtual agent function 402 advantageously allows end users such as airline agents or ground staff to rapidly resolve common issues themselves via the automated actions. Automation and quick resolution of issues is important as ground staff at airports usually require time-critical resolution of issues to avoid delays in passenger and baggage handling. Further, such self-service reduces the workload on field engineers, enabling them to attend to more complex issues sooner.

As mentioned above, the virtual agent function of the omnichannel system uses an NLU module 404 to determine the user's intent from the input. The NLU module 404 may use machine learning based NLU services, which may be cloud based in some embodiments. An NLU based virtual agent allows users to interact with the virtual agent in a conversational mode, rather than navigating through clickable prompts or interactive voice response (IVR) options.

FIG. 6 shows another example self-service interaction with a virtual agent function 402 in an embodiment of the present invention. In the embodiment of FIG. 6, the virtual agent is a chatbot in which user inputs are obtained via textual inputs processed by the NLU module 404. FIG. 6 shows a screenshot 922 of the chatbot conversation as would be visible on the workstation 300 to the user 100, along with a flow diagram 924 of the processing performed by the NLU model of the NLU module 404.

As shown in FIG. 6, the user 100 inputs a query to the virtual agent chatbot, in this case asking “What is the status of my request”. This input query is an example of a natural language utterance, in other words the different ways a user can express an intent (i.e. ask for something). For example, instead of asking “What is the status of my request”, the user may have instead asked “What is the status of my tickets” or “Is my issue fixed yet”. In step 926, the NLU model identifies the utterance input by the user.

Next, at step 928 the NLU model identifies the entities in the utterance. The entities are objects or contexts for an action, such as a particular device, case number, or an employee's name for example. In the above examples, the entity is “request”, “tickets” and “issue” respectively.

At step 930, the NLU model determines the user's intent based on the utterance and entity/entities. The user's intent is what a user wants to do, for example perform an action such as submitting a service ticket or getting an update on an order. In the example of FIG. 6, the intent is determined as a request for the virtual agent to check the status of an IT ticket of the user. In this way, the NLU model converts a user's natural language utterance into an intent.

The virtual agent can then perform the relevant automated action in response to this intent. The virtual agent runs the action which maps to the determined intent and identified utterance. For example, in FIG. 6 the virtual agent chatbot displays to the user their existing IT ticket RSTM0000001.

As mentioned, the NLU model may be a machine learning based model. In the ATI in particular, the omnichannel operator and their customers often use lots of ATI specific terminology which conventional machine learning NLU data sets do not cater for. Further, a user may input an acronym rather than the full phrase. Therefore in some embodiments of the present invention, the NLU model may be expanded to include a vocabulary containing ATI specific terms and phrases. In other words, the NLU machine learning model of the NLU module 404 may be trained using vocabulary containing ATI specific terms and phrases. Training based on this vocabulary helps the NLU model understand words and phrases that it may encounter from the users.

For example, an example utterance with ATI terminology could be:

WorldTracer Bag Management not receiving BSM messages

The term “WorldTracer” and the acronym “BSM” are therefore added to the vocabulary and the NLU models retrained. The NLU model is then able to make correct predictions about the user's intent based on the utterance.

In some embodiments, the training data may be expanded to include the following vocabulary types:

Regular: a word or phrase that is not commonly used, such as ATI terminology
Pattern: a regular expression that can capture particular formats such as email addresses.

The end users 100 of the omnichannel system may be global in some embodiments, and various different users may input queries to the virtual agent function in various different languages. Further, the live agents 200 using the omnichannel system may also have their own preferred language. Lastly, the virtual agent program 402 and NLU module 404 will use a default language such as English.

In some embodiments, the virtual agent function can provide for real time dynamic language translation. In particular, the virtual agent chatbot or voicebot may translate in real time conversations between a user 100 using a first language and either the virtual agent 402 or a live agent 200 using a second language. The virtual agent may also translate tickets and transactional data provided by the user in their preferred language into a second language so that support agents working on those tickets (such as the service agents 618 of FIG. 2) are able to understand the user's query/issue and act accordingly.

FIGS. 7a to 7c show an example self-service interaction with a virtual agent function 402 in an embodiment of the present invention. In the embodiment of FIGS. 7a to 7c, the virtual agent is a chatbot. FIGS. 7a to 7c show screenshots of the chatbot conversation as would be visible on the workstation 300 to the user 100.

In step 952 shown in FIG. 7a, the user 100 is prompted to select their preferred language. Spanish is selected by the user 100 in this case. The default language of the virtual agent function 402 is English in this case.

In step 954 shown in FIG. 7b, the virtual agent 402 then proceeds to converse with the user 100 using Spanish. In the case that the user's input is in a different language to the language which the NLU model has been trained to process (the default language), the input query may be translated from the input language into the language of the NLU model, prior to the processing by the NLU module 404. Further, any output by the virtual agent, e.g. a follow up question for the user or an automated action based on the determined intent, may be translated from the default language of the virtual agent and NLU model back to the user's preferred language. The translations may be performed by a dynamic translation module (not shown), which may be in the server 400 or in the cloud in some embodiments.

In step 956 shown in FIG. 7c, the user 100 requests (in Spanish) that the virtual agent connects the user to a live agent. The dynamic translation module translates this request into English, and then the NLU module 404 determines the intent of the user based on the English translation. The virtual agent then performs the automated action of connecting the user 100 into a live chat with a live agent 200 in FIG. 7c.

In the present embodiment, the live agent's preferred language is English, compared to the user's preferred language of Spanish. The omnichannel system 1000 may perform real time dynamic translation to translate chat conversations into both the user's and live agent's preferred languages. For example, the dynamic translation module may translate an input in Spanish by the user 100 into English prior to the input being displayed on the live agent's workstation. Similarly, the live agent's response in English may be translated back into Spanish, before being displayed to the user 100 at the workstation 300.

An example of this dynamic translation is shown in FIG. 8a, which shows an agent console 406 in one embodiment, where the conversation of FIG. 7c has been dynamically translated in real time into English for the agent 200.

Further, FIG. 8b shows an example of an agent console 406 in another embodiment, where a conversation with an end user 100 messaging in French is dynamically translated in real time into English for the live agent 200. In the embodiment of FIG. 8b, a notification at the top of the live agent's chat window shows the source language of the user 100. The live agent 200 can enable and disable dynamic translation in their chat window per chat session.

In each of the above embodiments, the omnichannel system 1000 can dynamically translate conversations between the user and live/virtual agent on the fly. The translation may be performed using a cloud translation service, for example Google Translate. As well as the user-agent conversation, interaction and incident data may also be translated. This enables live agents 200 and the virtual agent 402 to converse freely with users 100.

Lastly, in some embodiments the virtual agent may be capable of language detection, so that conversations with a user who has selected a preferred language can be routed to a live agent who is equipped to deal with that language.

Although described separately, the features of the embodiments outlined above may be combined in different ways where appropriate. Various modifications to the embodiments described above are possible and will occur to those skilled in the art without departing from the scope of the invention which is defined by the following claims.

Patent Metadata

Filing Date

August 15, 2025

Publication Date

February 19, 2026

Inventors

Sanjay RAINA
Andrew POWELL
Richard FISHER
Sultan KHASHAB
